Static task: static1
Behavioral task: behavioral1
  Sample: b2f710533edccb8637551893bd374e7866dae423c8f4db078b9af0043f2a4ca2.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: b2f710533edccb8637551893bd374e7866dae423c8f4db078b9af0043f2a4ca2.exe
  Resource: win10v2004-20220812-en
General
Target: b2f710533edccb8637551893bd374e7866dae423c8f4db078b9af0043f2a4ca2
Size: 1.4MB
MD5: 73feb1860e17e1a372226acb46c93be0
SHA1: 63bc123a1cb1be35275e7460a3992b6372c14522
SHA256: b2f710533edccb8637551893bd374e7866dae423c8f4db078b9af0043f2a4ca2
SHA512: 19181cb10bfc179a3254721cfbaa6ad333ab7f24a8dc6208594dcb08ec14c91e0e64d99779e9d5e58c4e3ed0d058a61490cfe2830e83174a4a040c0fbbaadd25
SSDEEP: 24576:kGQCcz5WVtU17/XPp2rlPtJIRmAmrX8JJ9kgXRzIGhV:kl5+wzhH4AmiXR1hV
Malware Config
Signatures
Files
b2f710533edccb8637551893bd374e7866dae423c8f4db078b9af0043f2a4ca2.exe (windows x64)
38f2c8b7adddb95766502e60da7655ac
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
difxapi
DriverPackagePreinstallA
DriverPackageInstallA
DriverPackageUninstallA
kernel32
GetFullPathNameA
GetShortPathNameA
CreateFileA
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileTime
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
ExitThread
CreateThread
HeapSize
ExitProcess
GetStdHandle
HeapSetInformation
HeapCreate
HeapDestroy
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
RtlVirtualUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
Sleep
GetACP
FatalAppExitA
SetConsoleCtrlHandler
GetVolumeInformationA
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDateFormatA
GetTimeFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
MultiByteToWideChar
WideCharToMultiByte
GetLastError
GetVersion
OutputDebugStringA
lstrcatA
lstrcpyA
lstrlenW
CompareStringA
CompareStringW
lstrcmpiA
lstrcmpiW
lstrlenA
GetEnvironmentVariableA
GetEnvironmentVariableW
GetStringTypeExA
GetStringTypeExW
SetLastError
MulDiv
SizeofResource
LockResource
LoadResource
FindResourceA
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CopyFileA
GetTimeZoneInformation
GlobalFree
GetModuleFileNameA
GetCurrentProcessId
LocalAlloc
LeaveCriticalSection
TlsGetValue
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
SetErrorMode
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetCPInfo
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
FreeResource
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
lstrcmpW
GetVersionExA
SystemTimeToFileTime
EnterCriticalSection
FileTimeToSystemTime
GetThreadLocale
GetAtomNameA
GlobalGetAtomNameA
GlobalFlags
lstrcmpA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
GetCurrentThreadId
ResumeThread
SetThreadPriority
CloseHandle
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
user32
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDialogBaseUnits
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
DestroyMenu
GetMenuItemInfoA
InflateRect
ScrollWindowEx
ShowWindow
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
EndDialog
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
CopyRect
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowTextLengthA
wvsprintfA
CharLowerA
CharLowerW
CharUpperA
CharUpperW
RemoveMenu
GetFocus
GetDesktopWindow
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
GetWindowTextA
SetWindowTextA
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
DestroyIcon
DeleteMenu
ShowOwnedPopups
SetCursor
PostQuitMessage
EndPaint
BeginPaint
SetScrollPos
GetWindowDC
GetSubMenu
GetMenuItemCount
GetMenuItemID
InsertMenuA
AppendMenuA
GetMenuStringA
GetMenuState
MessageBoxA
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetParent
GetWindowLongA
SendMessageA
GetWindowThreadProcessId
UnhookWindowsHookEx
GetSysColorBrush
GetSysColor
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
DeferWindowPos
gdi32
GetTextExtentPoint32A
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextMetricsA
BitBlt
CreateCompatibleDC
CreateFontIndirectA
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateBitmap
DeleteObject
CreateDCA
CopyMetaFileA
Escape
GetDeviceCaps
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegSetValueA
RegOpenKeyA
RegQueryValueExA
RegCreateKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
shell32
ExtractIconA
SHGetFileInfoA
shlwapi
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
ole32
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
CoTaskMemAlloc
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleDuplicateData
CoDisconnectObject
CoCreateInstance
StringFromGUID2
CLSIDFromString
ReadFmtUserTypeStg
oleaut32
SysFreeString
SysAllocStringByteLen
SysStringLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantClear
SafeArrayRedim
VariantChangeType
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
VariantInit
SafeArrayGetUBound
Sections
.text Size: 660KB - Virtual size: 659KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 140KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 1024B - Virtual size: 923B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 560KB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
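The Headers and Sections blocks above are worth reading together. The DLL characteristics carry only IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE, so DYNAMIC_BASE (ASLR), NX_COMPAT (DEP) and HIGH_ENTROPY_VA are not set, and IMAGE_FILE_RELOCS_STRIPPED means the loader could not rebase the image even if it wanted to. The .rsrc section is flagged IMAGE_SCN_MEM_EXECUTE and IMAGE_SCN_MEM_WRITE as well as READ (an RWX resource section, which a normal linker does not emit) and has a virtual size of 1.9MB against 560KB on disk. The Python script below, added here as an example and not part of the sandbox report, reproduces those checks from raw bytes with the standard library only: it walks the DOS, COFF, optional and section headers, decodes the flags into the same IMAGE_* names the report prints, computes the MD5/SHA1/SHA256/SHA512 digests listed under General, and reports fixed-base images and RWX or oversized executable sections. build_sample_pe() is a constructed PE32+ header skeleton whose flags and approximate sizes mirror this report; it is not the sample itself and contains no code. The names parse_pe, audit and rwx_sections are this example's own.

```python
"""PE header audit: decode the flags a sandbox report lists and flag weak hardening.
Added example (standard library only); the sample PE below is constructed, not the real file."""
import hashlib
import struct

# Flag tables from the PE/COFF specification (subset relevant here)
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
RELOCS_STRIPPED, DYNAMIC_BASE, NX_COMPAT = 0x0001, 0x0040, 0x0100
MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000


def decode_flags(value, table):
    """Names of the set bits, in ascending bit order (the names the report prints)."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def hash_bytes(data):
    """The four digests the report's General block lists, for the full file bytes."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256", "sha512")}


def parse_pe(data):
    """Walk DOS header -> PE signature -> COFF header -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]           # 0x10B = PE32, 0x20B = PE32+
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    sections, off = [], opt + opt_size
    for _ in range(nsec):
        name, vsize, vaddr, rawsize, rawptr, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", data, off)
        sections.append({"name": name.rstrip(b"\0").decode(), "virtual_size": vsize,
                         "virtual_address": vaddr, "raw_size": rawsize, "raw_ptr": rawptr,
                         "characteristics": chars, "flags": decode_flags(chars, SECTION_CHARACTERISTICS)})
        off += 40
    return {"machine": machine, "magic": magic, "file_characteristics": file_chars,
            "dll_characteristics": dll_chars, "sections": sections}


def rwx_sections(pe):
    """Sections mapped both writable and executable."""
    return [s["name"] for s in pe["sections"]
            if s["characteristics"] & MEM_EXECUTE and s["characteristics"] & MEM_WRITE]


def audit(pe):
    """Heuristic findings a triage analyst would want called out; not proof of malice."""
    findings = []
    if not pe["dll_characteristics"] & DYNAMIC_BASE:
        findings.append("DYNAMIC_BASE not set: image does not opt in to ASLR")
    if pe["file_characteristics"] & RELOCS_STRIPPED:
        findings.append("RELOCS_STRIPPED: no relocations, so the image cannot be rebased at all")
    if not pe["dll_characteristics"] & NX_COMPAT:
        findings.append("NX_COMPAT not set: image does not opt in to DEP")
    rwx = rwx_sections(pe)
    for s in pe["sections"]:
        if s["name"] in rwx:
            findings.append(f"{s['name']}: writable and executable (RWX) section")
        if s["characteristics"] & MEM_EXECUTE and s["virtual_size"] > 2 * s["raw_size"]:
            findings.append(f"{s['name']}: executable section with far more virtual than raw space "
                            "(room to unpack code in place)")
    return findings


def build_sample_pe():
    """CONSTRUCTED PE32+ header skeleton: flags and approximate sizes mirror the report, no real code."""
    secs = [  # name, virtual size, virtual address, raw size, characteristics
        (b".text",  0xA4C00,  0x01000, 0xA5000, 0x60000020),
        (b".rdata", 0x23000,  0xA6000, 0x23000, 0x40000040),
        (b".data",  0x09800,  0xC9000, 0x03800, 0xC0000040),
        (b".pdata", 0x0A000,  0xD3000, 0x0A000, 0x40000040),
        (b".idata", 0x04C00,  0xDD000, 0x05000, 0xC0000040),
        (b".didat", 0x0039B,  0xE2000, 0x00400, 0xC0000040),
        (b".rsrc",  0x1E6000, 0xE3000, 0x8C000, 0xE0000040),  # INITIALIZED_DATA|EXECUTE|READ|WRITE
    ]
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew
    # AMD64; RELOCS_STRIPPED|EXECUTABLE_IMAGE|LARGE_ADDRESS_AWARE; 240-byte PE32+ optional header
    coff = struct.pack("<HHIIIHH", 0x8664, len(secs), 0, 0, 0, 240, 0x0023)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)    # PE32+ magic
    struct.pack_into("<H", opt, 70, 0x8000)  # DllCharacteristics: only TERMINAL_SERVER_AWARE
    img, raw_ptr = bytes(dos) + b"PE\0\0" + coff + bytes(opt), 0x400
    for name, vsize, vaddr, rawsize, chars in secs:
        img += struct.pack("<8sIIIIIIHHI", name, vsize, vaddr, rawsize, raw_ptr, 0, 0, 0, 0, chars)
        raw_ptr += rawsize
    return img


if __name__ == "__main__":
    pe = parse_pe(build_sample_pe())
    print(decode_flags(pe["file_characteristics"], FILE_CHARACTERISTICS))
    print(decode_flags(pe["dll_characteristics"], DLL_CHARACTERISTICS))
    for s in pe["sections"]:
        print(f"{s['name']:7} raw={s['raw_size']:#x} virt={s['virtual_size']:#x} {' '.join(s['flags'])}")
    for finding in audit(pe):
        print("!", finding)
```

To run this against a file on disk, feed the whole file to both functions: `data = open(path, "rb").read(); audit(parse_pe(data)); hash_bytes(data)`. The digests then correspond to the General block, and the section flags to the Sections block; the audit heuristics are deliberately conservative (the .data section's larger virtual size, for example, is ordinary uninitialised data and is not flagged because the section is not executable).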